NEWS
NEWS
NEWS
Hacking forum gets hacked itself
In a karmic case of the metaphorical shoe being on the other foot, a forum dedicated to stealing and sharing stolen information, credentials, and content was itself hacked, and the information on its 500,000 users leaked onto the net.
The target was Nulled.io, an underground forum in which users share software cracks, content leaks, and stolen personal information and credentials. The breach resulted in the theft of 9.45 gigabytes of information, including user information, IP addresses, passwords, and payment information such as PayPal emails and costs. In short, it was a huge sum of personal information.
Ars Technica notes that private message conversations were also leaked, in which users discuss notably illegal activities such as installing keyloggers, breaking into Hotmail accounts accounts, and trading stolen Bitcoin and PayPal accounts. With over 2 million posts and 800,000 private messages, there’s a lot of incriminating evidence that can be linked to the various user accounts.
While the means of breaching the forum are currently unknown, Threat Post reports, the options are not limited; the IP.Board forum, made by Invasion Power Services, Inc., has over 100 known vulnerabilities, so the hacker had plenty of options. It seems a little ironic that a forum for and about hackers would use a forum type with so many weaknesses, but hindsight is 20-20, as the saying goes.
According to Risk Based Security, Inc.:
“When services such as Nulled.io are compromised and data is leaked, often it exposes members who prefer to remain anonymous and hide behind screen names. By simply searching by email or IP addresses, it can become evident who might be behind various malicious deeds. With this being such a comprehensive dump of data, it offers up a very good set of information for matching a member ID to the attached invoices, transactions, and other content such as member messages and posts.”
Given the content in question on the forum, it’s no wonder why its members would want to keep their identities secret. In addition to tying names and faces to any number of cyber crimes, the forum members should know very well what kind of damage can be done with the information that was stolen and leaked.
Still, for a site whose tagline is “Expect the unexpected,” maybe they should have expected this.
Photo by The Preiser Project
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
